Filtered by vendor Mysql
Subscribe
Total
112 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-2753 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input. | |||||
| CVE-2006-1518 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-03 | 6.5 MEDIUM | N/A |
| Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length values. | |||||
| CVE-2003-0780 | 3 Conectiva, Mysql, Oracle | 3 Linux, Mysql, Mysql | 2025-04-03 | 9.0 HIGH | N/A |
| Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field. | |||||
| CVE-2005-0083 | 1 Mysql | 1 Maxdb | 2025-04-03 | 5.0 MEDIUM | N/A |
| MySQL MaxDB 7.5.00 for Windows, and possibly earlier versions and other platforms, allows remote attackers to cause a denial of service (application crash) via invalid parameters to the (1) DBMCli_String::ReallocString, (2) DBMCli_String::operator, (3) DBMCli_Buffer::ForceResize, (4) DBMCli_Wizard::InstallDatabase, (5) DBMCli_Devspaces::Complete, (6) DBMWeb_TemplateWizard::askForWriteCountStep5, or (7) DBMWeb_DBMWeb::wizardDB functions, which triggers a null dereference. | |||||
| CVE-2005-2467 | 1 Mysql | 1 Eventum | 2025-04-03 | 5.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MySQL Eventum 1.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to view.php, (2) release parameter to list.php, or (3) F parameter to get_jsrs_data.php. | |||||
| CVE-2006-1516 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-03 | 5.0 MEDIUM | N/A |
| The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read. | |||||
| CVE-2004-1169 | 1 Mysql | 1 Maxdb | 2025-04-03 | 5.0 MEDIUM | N/A |
| MaxDB WebTools 7.5.00.18 and earlier allows remote attackers to cause a denial of service (application crash) via an HTTP GET request for a file that does not exist, followed by two carriage returns, which causes a NULL dereference. | |||||
| CVE-2004-0381 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-03 | 2.1 LOW | N/A |
| mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file. | |||||
| CVE-2006-4227 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-03 | 6.5 MEDIUM | N/A |
| MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE. | |||||
| CVE-2005-0082 | 1 Mysql | 1 Maxdb | 2025-04-03 | 5.0 MEDIUM | N/A |
| The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via invalid parameters to the WebDAV handler code, which triggers a null dereference that causes the SAP DB Web Agent to crash. | |||||
| CVE-2006-4226 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-03 | 3.6 LOW | N/A |
| MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions. | |||||
| CVE-2005-0081 | 1 Mysql | 1 Maxdb | 2025-04-03 | 5.0 MEDIUM | N/A |
| MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via an HTTP request with invalid headers. | |||||